package moddb.resource;

//import java.sql.*;
import moddb.schema.*;
import javax.ws.rs.*;
import javax.ws.rs.core.*;
import javax.ws.rs.core.Response.*;
import moddb.Backend;

@Path("/users")
public class MiddletierUsersResource {
  
  @Context
  protected SecurityContext security;
  
  /*
   * Register a new user
   */
  @POST
  @Consumes("text/xml")
  public Response post(User user) {
    if (Backend.registerUser(user.name, user.password)) {
      return Response.status(Status.CREATED).build();
    } else {
      return Response.status(Status.SERVICE_UNAVAILABLE).build();
    }
  }
  
  /*
   * Get role
   */
  @GET
  @Produces("text/xml")
  @Path("myrole")
  public String getRole() {
    
    if (security.isUserInRole("guest")) {
      return "guest";
    } else if (security.isUserInRole("user")) {
      return "user";
    } else if (security.isUserInRole("admin")) {
      return "admin";
    } else {
      return "unknown";
    }
    
  }
  
  /*
   * Query files
   */
  @GET
  @Produces("text/xml")
  @Path("{userquery}/files/{filequery}")
  public Files getFiles(@PathParam("userquery") String userQuery, 
                   @PathParam("filequery") String fileQuery) {
                   
    return getFiles(userQuery, fileQuery, 10, 0);
  }
  
  /*
   * Query files with specified max hits (limit) and offset
   */
  @GET
  @Produces("text/xml")
  @Path("{userquery}/files/{filequery}/limit/{limitval}/offset/{offsetval}")
  public Files getFiles(@PathParam("userquery") String userQuery, 
                   @PathParam("filequery") String fileQuery,
                   @PathParam("limitval") int limit,
                   @PathParam("offsetval") int offset) {

    return new Files(Backend.getFiles(userQuery, fileQuery, limit, offset));
  }
  
  /*
   * Downloading a specific file
   */
  @GET
  @Path("/{username}/files/{fileid}")
  public Response getFile(@PathParam("username") String username,
                          @PathParam("fileid") int fileId) {
    
    // The requester must be in the role admin or user, guests are not allowed 
    // to download files.
    if (!(security.isUserInRole("user") || security.isUserInRole("admin"))) {
      return Response.status(Status.UNAUTHORIZED).build();
    }
    
    byte[] data = Backend.getFileData(username, fileId);
    
    if (data != null) {
      return Response.ok(data).build();
    } else {
      return Response.status(Status.NOT_FOUND).build();
    }
    
  }
  
  /*
   * Upload a file
   */
  @PUT
  @Path("/{username}/files/{filename}")
  public Response uploadFile(@PathParam("username") String username, 
                             @PathParam("filename") String filename, 
                             byte[] bs) {
    
    // The uploader must be in the role admin or user, guests are not allowed 
    // to upload files.
    if (!(security.isUserInRole("user") || security.isUserInRole("admin"))) {
      return Response.status(Status.UNAUTHORIZED).build();
    }
    
    if (Backend.uploadFile(username, filename, bs)) {
      return Response.status(Status.CREATED).build();
    } else {
      return Response.status(Status.SERVICE_UNAVAILABLE).build();
    }
  }
  
  /*
   * Delete a file
   */
  @DELETE
  @Path("/{username}/files/{fileid}")
  public Response deleteFile(@PathParam("username") String username,
                             @PathParam("fileid") int fileId) {

    // The deleter must be in the role admin or user, guests are not allowed 
    // to delete files.
    if (!(security.isUserInRole("user") || security.isUserInRole("admin"))) {
      return Response.status(Status.UNAUTHORIZED).build();
    }
    
    // If not admin the user must be the owner of the file to delete
    if (!security.isUserInRole("admin") && !security.getUserPrincipal().getName().equals(username)) {
      return Response.status(Status.UNAUTHORIZED).build();
    }
    
    if (Backend.deleteFile(fileId)) {
      return Response.status(Status.NO_CONTENT).build();
    } else {
      return Response.status(Status.NOT_FOUND).build();
    }
  }
  
}
